mirror of
https://github.com/Chia-Network/chia-blockchain.git
synced 2024-09-21 00:24:37 +03:00
325d7f8245
* Moved keyring handling into a KeyringWrapper class * Update click to 8.0.x for prompt_required support * Renamed KeyringWrapper to _KeyringWrapper * Expose password management options on Linux * CLI support for setting/removing a password * Global option for specifying the master password * Cache the password instead of setting on the context * Password bootstrapping during chia init * Tidying up _KeyringWraper's interface * Initial pass migrating the legacy keyring contents * Encryption/decryption of keyring.yaml contents * FileKeyring backend encrypts with ChaCha20Poly1305 * Tightened up keyring migration and initialization * Fixed issues identified by linters * Remove root_path from Keychain * Prevent double-migration if setting master passwd * KeyringWrapper tests are mostly complete * FileKeyring will now honor the service param * Tests for get/set/delete password * Formatting/commenting updates * Writer lock support with tests - WIP * keyring.yaml is now watched for modifications * Reader/Writer lock for get/delete password * Fixed linter issues * Reader lock tests * Formatting update * Hook up CHIA_ROOT support for KeychainWrapper * Quick fix to address test failures * Fixed failures when existing legacy keyring exists * Fixed test failures caused by reusing the same temp dir * keyring.yaml now lives in ~/.chia_keys by default. Can be overridden with CHIA_KEYS_ROOT or --keys-root-path * Fixed migration failure when setting a password (not using the default) * KeyringWrapper now uses supports_keyring_password to determine if a FileKeyring should be used. Patched tests to work regardless of whether supports_keyring_password return False * The daemon now takes a --have-gui option that will prevent calling check_keys() during startup. If the keyring is locked, we want the GUI to prompt for the password. * Added is_keyring_locked RPC call * Added 'unlock_keyring' RPC command * Added KeychainProxy and KeychainServer to handle RPC messages related to keyring operations. WalletNode no longer directly accesses the Keychain class. * Turn on macOS support for testing keyring passwords * Fixed get_key_for_fingerprint to use the ocal keychain if the platform doesn't need to remotely access the daemon's keychain. Fixed key reconstruction when sent over RPC. * Farmer now accesses the keychain over RPC * Fixes for linter issues and some restructuring to support tests that use setup_nodes.py * Couple of fixes to unblock the GUI from launching when a keyring password is set * Added a keychain RPC call for add_private_key() * Added remaining keychain proxy RPC calls for delete_key_by_fingerprint and delete_all_keys * Check for None when inspecting request arguments * Run check_keys after unlocking the keyring when the daemon is launched via GUI * Added check_keys RPC method. Fixed deserialization of key entropy in get_all_private_keys. This was preventing the GUI from being able to show key details. * Added get_first_private_key to keychain_server/proxy. create_plots now uses the keychain proxy when launched from the daemon. * Added a comment about KeychainProxy in chia plots check * Workaround import conflict when importing from 'tests.*' due to fasteners name conflict * Simulator now uses KeychainProxy if launched by the daemon. KeychainServer/Proxy now takes keychain user/testing params for testing scenarios. * Added "set_keyring_passphrase" RPC message * Reworking KeychainProxy usage to handle local keychain tests and RPC keychain tests. * Replace my prior usage of asyncio.run() with asyncio.get_event_loop().run_until_complete() * Silencing file_keyring logging for the moment. * Updated tests to use test keychains and appropriate BlockTools construction BlockTools should now be created with create_block_tools(_async) to handle async scenarios. Updated block_tools to be async compatible Updated fasteners to fix installation of top-level 'tests' in site-packages * Added 'remove_keyring_passphrase' RPC message to the daemon Minor tweak to TempKeyring to default to some test params * Fixed linter issues * Remove flake8 ignore statement now that the fasteners module has been updated * Some initial renaming changes: password -> passphrase * Fixed wallet RPC issue where get_key_for_fingerprint wasn't awaited-upon. Fixed legacy keyring initialization (for migration scenarios) * Fixed improperly merged file * Fixed linter issues. More renaming. * Updated spots that were still using an incorrect keychain call * Renamed use_password_cache, obtain_current_password * Renamed supports_keyring_password * Renamed has_master_password * Renamed has_cached_password, get_cached_master_password * Linter fixes * Renamed master_password_is_valid * Renamed set_cached_master_password * Renamed set_master_password * Renamed remove_master_password * Renamed has_cached_master_password * Renaming in file_keyring and keyring_wrapper Updated default keyring payload used for tests * Renamed get_password Other renaming updates * Renamed set_password Other renaming updates * Renamed remaining password occurrences (where appropriate) * password -> passphrase * Added tests for setting an emoji and Japanese master passphrase * Attempt to notify the daemon when a keyring passphrase is set/updated/removed * Missed one password -> passphrase replacement. * Fixed some file synchronization issues found when running tests on macOS * Adjusted timeout values for test_writer_lock_reacquisition_failure for macOS. * Removed logging statements previously added for debugging * Prompt for keyring passphrase up-front when launching a service. Changed --have-gui flag to --wait-for-unlock * Updated set_keyring_passphrase RPC message to fix optional current_passphrase param when the keyring is using the default passphrase. * Minor test cleanup to deduplicate some code. * Fixed regression when setting a new master passphrase * Minor refactoring and docs/commenting updates * Renaming password -> passphrase went too far. Keyring backends use password terminology for compatibility with third party backends. * Disabling macOS support (previously added for testing only) * Disabling passphrase support in preparation for sending out the PR * Fixed improper merge (vscode didn't save changes during rebase) * Update chia/cmds/init_funcs.py Co-authored-by: Adam Kelly <338792+aqk@users.noreply.github.com> * skip_check_keys -> should_check_keys * Shuffling some imports around to break cycles reported by LGTM * Handle unlocking the daemon if it's already launched and waiting for unlock. * Replaced uses_keychain_proxy decorator in farmer.py. Fixed async usage of get_reward_targets. Linter/reformatting fixes * Replaced uses_keychain_proxy decorator with a clearer method. * Cleanup the temp keyring dir using shutil.rmtree() * Restored self._root_path (had been changed to self.root_path) * Minor cleanup * ensure_keychain_proxy() now throws if connect_to_keychain_and_validate() fails * Plot key resolution now yields a PlotKeys object which can be passed into create_plots. De-indented test_invalid_icc_sub_slot_vdf to keep git blame tidy. * Added 'keyring_status' daemon RPC message to support the GUI * Minor changes relating to PR feedback * Addressed more PR feedback (mostly type annotations) * Commented-out macOS file keyring usage. This can be re-enabled for testing purposes. * Addressed test failures that require multiple keyrings in the same process. Each TempKeyring will now set a custom KeyringWrapper instance. * Fixed logic for communicating user_passphrase_is_set in the keyring_status RPC response. * Updated type annotations and method signature for set_passphrase to expect a string instead of bytes. * Fixed Wallet RPC tests * Fixed full_node_store tests. BlockTools should be created using the create_block_tools(_async) function(s) * Fixed test failures in test_pool_rpc * Fixed test_daemon. After BlockTools.setup_plots is run, the config file needs to be re-read to refresh stale plot_directories. * Suppressing LGTM false positives regarding passphrase leakage in CLI error output. Seems that LGTM sees MIN_PASSPHRASE_LEN as sensitive data. * Second attempt at suppressing LGTM false positives * Third attempt at addressing LGTM false positives * Removed test_keyring_wrapper param from Keychain ctor. Test setup now sets the keyring_wrapper property directly. * Reformatting * More targeted update of the test config to refresh just the "plot_directories" value * More LGTM suppressions Co-authored-by: Adam Kelly <338792+aqk@users.noreply.github.com> Co-authored-by: wjblanke <wjb98672@gmail.com>
100 lines
3.2 KiB
Python
100 lines
3.2 KiB
Python
import pathlib
|
|
from multiprocessing import freeze_support
|
|
from typing import Dict, Optional
|
|
|
|
from chia.consensus.constants import ConsensusConstants
|
|
from chia.consensus.default_constants import DEFAULT_CONSTANTS
|
|
from chia.rpc.wallet_rpc_api import WalletRpcApi
|
|
from chia.server.outbound_message import NodeType
|
|
from chia.server.start_service import run_service
|
|
from chia.types.peer_info import PeerInfo
|
|
from chia.util.config import load_config_cli, load_config
|
|
from chia.util.default_root import DEFAULT_ROOT_PATH
|
|
from chia.util.keychain import Keychain
|
|
from chia.wallet.wallet_node import WalletNode
|
|
|
|
# See: https://bugs.python.org/issue29288
|
|
from chia.wallet.wallet_node_api import WalletNodeAPI
|
|
|
|
"".encode("idna")
|
|
|
|
SERVICE_NAME = "wallet"
|
|
|
|
|
|
def service_kwargs_for_wallet(
|
|
root_path: pathlib.Path,
|
|
config: Dict,
|
|
consensus_constants: ConsensusConstants,
|
|
keychain: Optional[Keychain] = None,
|
|
) -> Dict:
|
|
overrides = config["network_overrides"]["constants"][config["selected_network"]]
|
|
updated_constants = consensus_constants.replace_str_to_bytes(**overrides)
|
|
# add local node to trusted peers if old config
|
|
if "trusted_peers" not in config:
|
|
full_node_config = load_config(DEFAULT_ROOT_PATH, "config.yaml", "full_node")
|
|
trusted_peer = full_node_config["ssl"]["public_crt"]
|
|
config["trusted_peers"] = {}
|
|
config["trusted_peers"]["local_node"] = trusted_peer
|
|
if "short_sync_blocks_behind_threshold" not in config:
|
|
config["short_sync_blocks_behind_threshold"] = 20
|
|
node = WalletNode(
|
|
config,
|
|
root_path,
|
|
consensus_constants=updated_constants,
|
|
local_keychain=keychain,
|
|
)
|
|
peer_api = WalletNodeAPI(node)
|
|
fnp = config.get("full_node_peer")
|
|
|
|
if fnp:
|
|
connect_peers = [PeerInfo(fnp["host"], fnp["port"])]
|
|
node.full_node_peer = PeerInfo(fnp["host"], fnp["port"])
|
|
else:
|
|
connect_peers = []
|
|
node.full_node_peer = None
|
|
network_id = config["selected_network"]
|
|
kwargs = dict(
|
|
root_path=root_path,
|
|
node=node,
|
|
peer_api=peer_api,
|
|
node_type=NodeType.WALLET,
|
|
service_name=SERVICE_NAME,
|
|
on_connect_callback=node.on_connect,
|
|
connect_peers=connect_peers,
|
|
auth_connect_peers=False,
|
|
network_id=network_id,
|
|
)
|
|
port = config.get("port")
|
|
if port is not None:
|
|
kwargs.update(
|
|
advertised_port=config["port"],
|
|
server_listen_ports=[config["port"]],
|
|
)
|
|
rpc_port = config.get("rpc_port")
|
|
if rpc_port is not None:
|
|
kwargs["rpc_info"] = (WalletRpcApi, config["rpc_port"])
|
|
|
|
return kwargs
|
|
|
|
|
|
def main() -> None:
|
|
config = load_config_cli(DEFAULT_ROOT_PATH, "config.yaml", SERVICE_NAME)
|
|
# This is simulator
|
|
local_test = config["testing"]
|
|
if local_test is True:
|
|
from tests.block_tools import test_constants
|
|
|
|
constants = test_constants
|
|
current = config["database_path"]
|
|
config["database_path"] = f"{current}_simulation"
|
|
config["selected_network"] = "testnet0"
|
|
else:
|
|
constants = DEFAULT_CONSTANTS
|
|
kwargs = service_kwargs_for_wallet(DEFAULT_ROOT_PATH, config, constants)
|
|
return run_service(**kwargs)
|
|
|
|
|
|
if __name__ == "__main__":
|
|
freeze_support()
|
|
main()
|